wpa_auth_i.h

Go to the documentation of this file.
00001 
00016 #ifndef WPA_AUTH_I_H
00017 #define WPA_AUTH_I_H
00018 
00019 /* max(dot11RSNAConfigGroupUpdateCount,dot11RSNAConfigPairwiseUpdateCount) */
00020 #define RSNA_MAX_EAPOL_RETRIES 4
00021 
00022 struct wpa_group;
00023 
00024 struct wpa_stsl_negotiation {
00025         struct wpa_stsl_negotiation *next;
00026         u8 initiator[ETH_ALEN];
00027         u8 peer[ETH_ALEN];
00028 };
00029 
00030 
00031 struct wpa_state_machine {
00032         struct wpa_authenticator *wpa_auth;
00033         struct wpa_group *group;
00034 
00035         u8 addr[ETH_ALEN];
00036 
00037         enum {
00038                 WPA_PTK_INITIALIZE, WPA_PTK_DISCONNECT, WPA_PTK_DISCONNECTED,
00039                 WPA_PTK_AUTHENTICATION, WPA_PTK_AUTHENTICATION2,
00040                 WPA_PTK_INITPMK, WPA_PTK_INITPSK, WPA_PTK_PTKSTART,
00041                 WPA_PTK_PTKCALCNEGOTIATING, WPA_PTK_PTKCALCNEGOTIATING2,
00042                 WPA_PTK_PTKINITNEGOTIATING, WPA_PTK_PTKINITDONE
00043         } wpa_ptk_state;
00044 
00045         enum {
00046                 WPA_PTK_GROUP_IDLE = 0,
00047                 WPA_PTK_GROUP_REKEYNEGOTIATING,
00048                 WPA_PTK_GROUP_REKEYESTABLISHED,
00049                 WPA_PTK_GROUP_KEYERROR
00050         } wpa_ptk_group_state;
00051 
00052         Boolean Init;
00053         Boolean DeauthenticationRequest;
00054         Boolean AuthenticationRequest;
00055         Boolean ReAuthenticationRequest;
00056         Boolean Disconnect;
00057         int TimeoutCtr;
00058         int GTimeoutCtr;
00059         Boolean TimeoutEvt;
00060         Boolean EAPOLKeyReceived;
00061         Boolean EAPOLKeyPairwise;
00062         Boolean EAPOLKeyRequest;
00063         Boolean MICVerified;
00064         Boolean GUpdateStationKeys;
00065         u8 ANonce[WPA_NONCE_LEN];
00066         u8 SNonce[WPA_NONCE_LEN];
00067         u8 PMK[PMK_LEN];
00068         struct wpa_ptk PTK;
00069         Boolean PTK_valid;
00070         Boolean pairwise_set;
00071         int keycount;
00072         Boolean Pair;
00073         struct {
00074                 u8 counter[WPA_REPLAY_COUNTER_LEN];
00075                 Boolean valid;
00076         } key_replay[RSNA_MAX_EAPOL_RETRIES];
00077         Boolean PInitAKeys; /* WPA only, not in IEEE 802.11i */
00078         Boolean PTKRequest; /* not in IEEE 802.11i state machine */
00079         Boolean has_GTK;
00080         Boolean PtkGroupInit; /* init request for PTK Group state machine */
00081 
00082         u8 *last_rx_eapol_key; /* starting from IEEE 802.1X header */
00083         size_t last_rx_eapol_key_len;
00084 
00085         unsigned int changed:1;
00086         unsigned int in_step_loop:1;
00087         unsigned int pending_deinit:1;
00088         unsigned int started:1;
00089         unsigned int mgmt_frame_prot:1;
00090 #ifdef CONFIG_IEEE80211R
00091         unsigned int ft_completed:1;
00092         unsigned int pmk_r1_name_valid:1;
00093 #endif /* CONFIG_IEEE80211R */
00094 
00095         u8 req_replay_counter[WPA_REPLAY_COUNTER_LEN];
00096         int req_replay_counter_used;
00097 
00098         u8 *wpa_ie;
00099         size_t wpa_ie_len;
00100 
00101         enum {
00102                 WPA_VERSION_NO_WPA = 0 /* WPA not used */,
00103                 WPA_VERSION_WPA = 1 /* WPA / IEEE 802.11i/D3.0 */,
00104                 WPA_VERSION_WPA2 = 2 /* WPA2 / IEEE 802.11i */
00105         } wpa;
00106         int pairwise; /* Pairwise cipher suite, WPA_CIPHER_* */
00107         int wpa_key_mgmt; /* the selected WPA_KEY_MGMT_* */
00108         struct rsn_pmksa_cache_entry *pmksa;
00109 
00110         u32 dot11RSNAStatsTKIPLocalMICFailures;
00111         u32 dot11RSNAStatsTKIPRemoteMICFailures;
00112 
00113 #ifdef CONFIG_IEEE80211R
00114         u8 xxkey[PMK_LEN]; /* PSK or the second 256 bits of MSK */
00115         size_t xxkey_len;
00116         u8 pmk_r1_name[WPA_PMK_NAME_LEN]; /* PMKR1Name derived from FT Auth
00117                                            * Request */
00118         u8 r0kh_id[FT_R0KH_ID_MAX_LEN]; /* R0KH-ID from FT Auth Request */
00119         size_t r0kh_id_len;
00120 #endif /* CONFIG_IEEE80211R */
00121 };
00122 
00123 
00124 /* per group key state machine data */
00125 struct wpa_group {
00126         struct wpa_group *next;
00127         int vlan_id;
00128 
00129         Boolean GInit;
00130         int GKeyDoneStations;
00131         Boolean GTKReKey;
00132         int GTK_len;
00133         int GN, GM;
00134         Boolean GTKAuthenticator;
00135         u8 Counter[WPA_NONCE_LEN];
00136 
00137         enum {
00138                 WPA_GROUP_GTK_INIT = 0,
00139                 WPA_GROUP_SETKEYS, WPA_GROUP_SETKEYSDONE
00140         } wpa_group_state;
00141 
00142         u8 GMK[WPA_GMK_LEN];
00143         u8 GTK[2][WPA_GTK_MAX_LEN];
00144         u8 GNonce[WPA_NONCE_LEN];
00145         Boolean changed;
00146 #ifdef CONFIG_IEEE80211W
00147         u8 IGTK[2][WPA_IGTK_LEN];
00148         int GN_igtk, GM_igtk;
00149 #endif /* CONFIG_IEEE80211W */
00150 };
00151 
00152 
00153 struct wpa_ft_pmk_cache;
00154 
00155 /* per authenticator data */
00156 struct wpa_authenticator {
00157         struct wpa_group *group;
00158 
00159         unsigned int dot11RSNAStatsTKIPRemoteMICFailures;
00160         u32 dot11RSNAAuthenticationSuiteSelected;
00161         u32 dot11RSNAPairwiseCipherSelected;
00162         u32 dot11RSNAGroupCipherSelected;
00163         u8 dot11RSNAPMKIDUsed[PMKID_LEN];
00164         u32 dot11RSNAAuthenticationSuiteRequested; /* FIX: update */
00165         u32 dot11RSNAPairwiseCipherRequested; /* FIX: update */
00166         u32 dot11RSNAGroupCipherRequested; /* FIX: update */
00167         unsigned int dot11RSNATKIPCounterMeasuresInvoked;
00168         unsigned int dot11RSNA4WayHandshakeFailures;
00169 
00170         struct wpa_stsl_negotiation *stsl_negotiations;
00171 
00172         struct wpa_auth_config conf;
00173         struct wpa_auth_callbacks cb;
00174 
00175         u8 *wpa_ie;
00176         size_t wpa_ie_len;
00177 
00178         u8 addr[ETH_ALEN];
00179 
00180         struct rsn_pmksa_cache *pmksa;
00181         struct wpa_ft_pmk_cache *ft_pmk_cache;
00182 };
00183 
00184 
00185 int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
00186                      const u8 *pmkid);
00187 void wpa_auth_logger(struct wpa_authenticator *wpa_auth, const u8 *addr,
00188                      logger_level level, const char *txt);
00189 void wpa_auth_vlogger(struct wpa_authenticator *wpa_auth, const u8 *addr,
00190                       logger_level level, const char *fmt, ...);
00191 void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
00192                       struct wpa_state_machine *sm, int key_info,
00193                       const u8 *key_rsc, const u8 *nonce,
00194                       const u8 *kde, size_t kde_len,
00195                       int keyidx, int encr, int force_version);
00196 int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth,
00197                           int (*cb)(struct wpa_state_machine *sm, void *ctx),
00198                           void *cb_ctx);
00199 int wpa_auth_for_each_auth(struct wpa_authenticator *wpa_auth,
00200                            int (*cb)(struct wpa_authenticator *a, void *ctx),
00201                            void *cb_ctx);
00202 
00203 #ifdef CONFIG_PEERKEY
00204 int wpa_stsl_remove(struct wpa_authenticator *wpa_auth,
00205                     struct wpa_stsl_negotiation *neg);
00206 void wpa_smk_error(struct wpa_authenticator *wpa_auth,
00207                    struct wpa_state_machine *sm, struct wpa_eapol_key *key);
00208 void wpa_smk_m1(struct wpa_authenticator *wpa_auth,
00209                 struct wpa_state_machine *sm, struct wpa_eapol_key *key);
00210 void wpa_smk_m3(struct wpa_authenticator *wpa_auth,
00211                 struct wpa_state_machine *sm, struct wpa_eapol_key *key);
00212 #endif /* CONFIG_PEERKEY */
00213 
00214 #ifdef CONFIG_IEEE80211R
00215 int wpa_write_mdie(struct wpa_auth_config *conf, u8 *buf, size_t len);
00216 int wpa_auth_derive_ptk_ft(struct wpa_state_machine *sm, const u8 *pmk,
00217                            struct wpa_ptk *ptk, size_t ptk_len);
00218 struct wpa_ft_pmk_cache * wpa_ft_pmk_cache_init(void);
00219 void wpa_ft_pmk_cache_deinit(struct wpa_ft_pmk_cache *cache);
00220 #endif /* CONFIG_IEEE80211R */
00221 
00222 #endif /* WPA_AUTH_I_H */
00223
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Defines
Generated on Sat Nov 21 23:16:49 2009 for hostapd by  doxygen 1.6.1